Get best of the week

“You Can’t Get Bored Here: How It Works at Solar JSOC Regional Branches

Today, our Solar JSOC Cyber ​​Attack Monitoring and Response Center celebrates its birthday. We are 8 years old! Back in 2012, when we were very young (the Solar JSOC team totaled 6-7 people in Nizhny Novgorod and the same number in Moscow), no one really knew what SOC was and why it was needed in the information security market. “Old-timers” recall that they worked on a hunch, they came up with job descriptions on the go, gradually creating a professional monitoring center from a group of enthusiasts.



Over the years, we have grown, technology has transformed, but our understanding has remained unchanged that SOC is, first of all, people. Now Solar JSOC is a total of about 200 people in Moscow, Samara, Khabarovsk, Rostov-on-Don and Nizhny Novgorod, where our largest regional branch is located. We talked with the guys who were at the origins of creating a monitoring center in Nizhny Novgorod, as well as with colleagues from other branches, about how they got into the company and why they chose this specialty, then unknown to anyone, at one time.

, Solar JSOC ( ):



« , Solar JSOC. . — . Solar JSOC – « -»».

, Solar JSOC ( ):



« JSOC 2016 . « » — . - , , , . , . , – . , , , -. , . , - , . ».

Not everyone has a way in Solar JSOC was so "profile". The head of the incident technical processing department Vasily Tikhomirov studied at the oligophrenopedagogue (yes, there are such specialists - they teach children with intellectual disabilities) and even managed to work by profession before they realized that the “soul” lies in a completely different way.

Vasily Tikhomirov, Head of Incident Technical Processing Department, Solar JSOC (Nizhny Novgorod):



« , . , , . - , . - IT, . , Microsoft. « », .

At JSOC, I went through all the stages, from the first-line engineer to the leader. It is nice that out of the scattered engineers involved in similar activities, we managed to make two teams - the first and second line. Moreover, I trust the second line so much that I can blindly broadcast their findings above without even checking. ”

Many already at the stage of the interview realized that they were in a company where their atmosphere reigns.

Ilya Levanov, Engineer of the first line of administration, Solar JSOC (Nizhny Novgorod):



“I have been working since May 2016. Lesha Krivonogov [Solar JSOC Deputy Director for Regional Network Development] . , , - , . , , . , , , . , . . – , , -. , , ».

For several years, Nizhny Novgorod Solar JSOC has come a long way from a small office covering the tasks of the shift on duty to an independent center of expertise for monitoring and responding to computer attacks. The guys assure that there is a lot of creativity in their work, and not just mathematics and algorithms.

Andrey Eregin, Senior Analyst, Solar JSOC Technical Analytics and Response Group (Nizhny Novgorod):

“You can’t get bored here: almost always there is a task that you haven’t completed before, including individual tasks from customers. Our work resembles a children's designer: there are a lot of bricks, and a picture is formed in the head of what you want to build from them. So here: we begin to develop proposals, read, search and collect logs. ”

, Solar JSOC ( ):



« . – , – , . , , - , . JSOC, , , . , .

And as an analyst, I like that we offer the customer something really necessary and important. In general, the role of the analyst assumes a technical background, but at the same time, he must have certain soft skills: concentration, attentiveness, a systematic approach. When investigating an incident, sometimes you need to spend 10-12 hours on routine work - you sort through all possible options, and at some point the eye clings to something non-standard, like the tip of a thread. At this moment, excitement appears. ”

Managing stern men is not easy, especially if you are a fragile girl. Valeria Travnikova, head of the first line of Solar JSOC administration, calls her subordinates "kids" and herself - "chicken mom."

Valeria Travnikova, Head of the first administration line of Solar JSOC (Nizhny Novgorod):



« «» . IT , JSOC , , – . , , . , . JSOC , , . : , . ».

When Solar JSOC was just created, managers and their subordinates had to act “blindly”, because the newly created company did not really have internal regulations, and everyone acted by trial and error.

Alina Bebneva, head of the first monitoring line of Solar JSOC (Nizhny Novgorod):



“When I joined the JSOC in 2016, there were several people who did not have instructions, and together we started creating internal content for employees. It was all intuitive, and we filled the bumps, thinking out how to set up the processes.

2018 . , . , , – . , , , , - . , , . , , , . , , – . , : ».

However, the regional Solar JSOC is not only a branch in Nizhny Novgorod, but also branches in Samara and Khabarovsk, where teams are just being formed, but they already play an important role in the work of the monitoring center.

Valentin Terentyev, engineer of the first monitoring line (Samara) , on the right photo:



“Solar JSOC was the sponsor of VOLGA CTF, and I was the organizer. Then there was information that the Solar JSOC office was opened in our city, and the head of the Samara branch collects the strongest team in the region. Then I decided to try, which I do not regret at all. In my work, I feel not so much excitement as responsibility towards the customer. It’s more interesting for me to protect the system, and not “hit the attacker with the head”.

Ruslan Kazakov, engineer of the first monitoring line (Khabarovsk), on the photo - to the right:


“Solar JSOC were sponsors of our CTF, and we, as a whole student gop company, came to the first line of monitoring. The first line is interesting in that it helps to understand how it all works. But working here, one can’t help but think about development: I would like to see how forensers or pentesters work. ”



In the end, we asked the guys how they see the future of JSOC and their own development in the industry.

Valeria Travnikova, Head of the first administration line of Solar JSOC (Nizhny Novgorod):

« . , . , . , ».

, Solar JSOC ( ):

« : . – , , JSOC ».

, Solar JSOC ( ):

« . , , -, . « ». ».
, Solar JSOC ( ):



– JSOC?

– 2013 « », , JSOC . , «» IT-, . , , , . , , .

– ?

– , . , , . , – . . , - , , ASAP. C C – , . , , , , .

– ?

- Students have to be taught, and not with technical things, but with respect to life and work. Unfortunately, the overall student level has fallen dramatically over the past 10 years. Many have no incentive to practice independently during the training period, and academic knowledge that is not backed by practice quickly disappears.



Our internships, grounding theoretical knowledge on practical safety, allow children to start their career in an industry where, for the time being, the path was open only to seasoned bison experts. And the guys fully realize this opportunity. On average, more than a third of the interns become our colleagues, and some show really fantastic results - just remember the sprint of Sasha Slastnikova through all the lines of expertise that she completed in just four years.

As you probably guessed, some time has passed since the interview. During this period, we managed not only to fully integrate the Khabarovsk and Samara branches into our processes (simultaneously optimizing these processes for the new opportunities that the distributed team gives us), but we also supplemented our presence with a unit in Rostov-on-Don, where it is currently suitable to complete the first student internship. We are not stopping at what has been achieved - there are already plans for the further development of the branch network.

And in this regard, we have gone further than simply satisfying our resource needs. We are closely involved in the formation of specialized expertise in the regions of presence (and throughout Russia), lower the threshold for entering the profession for young professionals and create an enabling environment for the formation of a truly secure digital society. Such a modest social mission;).

More articles:


All Articles